BIO-INSPIRED CYBER SECURITY AND THREAT ANALYTICS
Rauf, U. (2020). BIO-INSPIRED CYBER SECURITY AND THREAT ANALYTICS. UNC Charlotte Electronic Theses and Dissertations.
After decades of deploying cyber-security systems, it is a well-known fact that the existing cyber infrastructure has numerous inherent limitations that not only make the maintenance of the current network security devices difficult but also provide the adversary with asymmetric advantages. These limitations include: (1) inability to propagate threat-related information due to the lack of mutual interactions among network devices/controllers, (2) absence of self-awareness (for behavioral anomaly and threat analytics) in the current architecture of cyber elements, (3) lack of self-correcting control mechanisms, for instance, error-prone and time-consuming manual configuration methods, which are not effective in real-time threat mitigation, and (4) inability to diagnose misconfiguration (i.e., access control conflicts due to multiparty management). These inherent limitations give rise to vulnerabilities (i.e., inability to deal with stealthy DDoS attacks, and insider threats) which shift the scale of cyber-warfare in favor of the adversary.

Biological systems, on the other hand, have intrinsically appealing characteristics as a result of billions of years of evolution, such as adaptivity to varying environmental conditions, inherent resiliency to failures and damages, and successful and collaborative operation on the basis of a limited set of rules with global intelligence. In this thesis, to deal with the aforementioned issues, we aim to develop a novel bio-inspired, auto-resilient and self-correcting security architecture for real-time threat deterrence and attack mitigation. The main questions we aim to address are: (1) investigation of the laws governing resilience and robustness in biological systems (at the cellular and genetic level) and studying their applicability to cyber infrastructures, (2) design and implementation of novel nature-inspired, self-aware and self-correcting access control and routing architectures, (3) integration of an actionable decision module for threat intelligence for real-time threat deterrence/mitigation and anomalous behavior detection, and (4) verification and evaluation of real scenarios, to prove the correctness and viability of the proposed approaches.